IE 11 Not Supported

For optimal browsing, we recommend Chrome, Firefox or Safari browsers.

Cybersecurity: Still No. 1 on Every CIO's Agenda

From revisiting the effectiveness of passwords to exploring what cyber response can learn from emergency management, our annual cybersecurity issue digs into what it takes to keep government secure in 2023.

person sitting in front of a laptop with hand on the keyboard
Cybersecurity has ranked as the No. 1 priority for government chief information officers in every survey in recent memory. Not-so-recent memory too. Little wonder, then, that the topic always snags a prominent place in our editorial coverage. On govtech.com, you’ll find new cybersecurity stories nearly every day, and we’ve dedicated an issue of the magazine to cyber for at least as long as it’s topped the agendas of CIOs. And though cyber has been with us for a while and isn’t going anywhere soon, we’ve zeroed in on some new questions facing those on the cyber front lines.

Are We Witnessing the Death of the Password? contemplates the shifting popularity of arguably the most widely recognized digital security tool. We talked to experts with government and private-sector backgrounds to get a sense of whether passwords’ days are numbered. Created in the early 1960s by MIT computer science professor Fernando Corbató, he might’ve imagined they would have already faded into obsolescence, replaced by more sophisticated tools, more than 60 years later.

After all, list after list of common passwords, demonstrate a startling lack of creativity — so many sets of sequential numbers, the word “password,” etc. That lack of creativity hints at the fact that users just want to access whatever system they’re trying to get into as quickly as possible. Security staff, however, are the ones encouraging password complexity to guard against intrusion and data loss.

Given the inevitable friction between ease of use and security, where does that leave passwords? Our experts have some interesting perspectives on where they fit into the evolving cybersecurity landscape. It brings to mind the old quote from Mark Twain: “Reports of [its] death have been greatly exaggerated.”

Americans throughout history have rallied to contribute their time and talents at home and abroad toward making progress on vexing societal issues. Organizations like the Peace Corps, AmeriCorps, Code for America and countless others provide a link to the modern citizen cyber brigade. Why not enlist everyday residents to supplement professional cybersecurity staff working inside government in times of crisis?

Our story on citizen cyber brigades looks at these volunteer groups across the country now that some of these early organizations have had a few years to mature. Are these well-intentioned groups delivering on their promise? What challenges have emerged as states have implemented them? More foundationally, are they a good idea?

Our final feature in this issue, What Cyber Response Can Learn from Traditional Disasters, felt especially timely as both the Maui wildfire and Tropical Storm Idalia struck as we were working on this issue. The catastrophic impact of these events on life and property can’t be compared to a less-visibly heart-wrenching cyber emergency. But nonetheless, some recent cyber incidents have garnered “emergency” declarations from government entities due to their far-reaching effects.

But even the hacks and intrusions that don’t grab attention from elected officials bring a timely, coordinated response among professional staff in a variety of disciplines. This fact had us asking whether cyber responders could glean any insight from the more mature field of emergency management. What we found, in fact, is that some entities are starting to foster collaboration between emergency and cyber responders, due in part to some similarity in their work. And again, while the considerations are quite distinct in some areas, an all-hazards plan that includes cyber incidents is well suited to future-focused organizations.

This story appears in the October/November issue of Government Technology magazine. Click here to view the full digital edition online.
Noelle Knell is the executive editor for e.Republic, responsible for setting the overall direction for e.Republic’s editorial platforms, including Government Technology, Governing, Industry Insider, Emergency Management and the Center for Digital Education. She has been with e.Republic since 2011, and has decades of writing, editing and leadership experience. A California native, Noelle has worked in both state and local government, and is a graduate of the University of California, Davis, with majors in political science and American history.